﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.Common;
using Microsoft.Practices.EnterpriseLibrary.Data;
using DuJianliang.ApplicationPlatform.UserPermission;

namespace DuJianliang.ApplicationPlatform
{
    public partial class Login : System.Web.UI.Page
    {
        Database db = DatabaseFactory.CreateDatabase();
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {

            }
        } 

        protected bool CheckLogin(string username, string pws)
        {
            string sql = @"SELECT COUNT(*) FROM t5715_User WHERE(UserName = @UserName) AND (Password = @Pws)";

            try
            {               
                DbCommand cmd = db.GetSqlStringCommand(sql);
                db.AddInParameter(cmd, "@UserName", DbType.String, username);
                db.AddInParameter(cmd, "@Pws", DbType.String, pws);
                object obj = db.ExecuteScalar(cmd);
                if (obj.ToString() == "0")
                    return false;
                else
                    return true;
            }
            catch (Exception ex)
            {                
                throw ex;
            }         
        }

        protected void btnOK_Click1(object sender, ImageClickEventArgs e)
        {
            string strName = txtUsername.Text.Trim();
            string strPws = txtPassword.Text.Trim();

            UserPermissionBll userPermissionBll = new UserPermissionBll();

            if (CheckLogin(strName, strPws))
            {
                string sql = @"SELECT top 1 * FROM  t5715_User WHERE     (UserName = @UserName) AND (Password =@Password)";
                DbCommand cmd = db.GetSqlStringCommand(sql);
                db.AddInParameter(cmd, "@UserName", DbType.String, strName);
                db.AddInParameter(cmd, "@Password", DbType.String, strPws);
                Model.UserInfo user = new Model.UserInfo();
                using (IDataReader r = db.ExecuteReader(cmd))
                {
                    while (r.Read())
                    {
                        user.ID = r["UserID"].ToString();
                        user.Password = r["Password"] != null ? r["Password"].ToString() : string.Empty;
                        user.TrueName = r["TrueName"] != null ? r["TrueName"].ToString() : string.Empty;
                        user.UserName = r["UserName"] != null ? r["UserName"].ToString() : string.Empty;
                        user.Email = r["Email"] != null ? r["Email"].ToString() : string.Empty;
                        if (r["IsAdmin"] != null)
                        {
                            bool isAdmin = false;
                            if (bool.TryParse(r["IsAdmin"].ToString(), out isAdmin))
                            {
                                user.IsAdmin = isAdmin;
                            }
                        }
                        user.Dept = userPermissionBll.GetDeptByUserID(user.ID);

                        Common.CurrentInfo.Instance.CurrentUser = user;
                    }
                }

                Response.Redirect("Default.aspx");
            }
            else
            {
                lblMessage.Text = "用户名或密码错误！";
            }
        }
    }
}